Some companies provide their employees with computing devices that are dedicated for work purposes. These companies often impose restrictions on the usage of the devices. For example, some companies instruct their employees to refrain from using their work devices for personal activities.
Some companies implement “bring your own device” (BYOD) policies in which employees are allowed to bring their personal devices to work and to use their personal devices for work purposes. For instance, these companies may allow their employees to use their personal laptops to access their companies' internal networks, email servers, and work files.
However, if the security of an employee's personal device is compromised, the compromised device can subject a company to an increased security risk. For example, if an employee's operating system is not updated with the latest security patches, a malicious user can exploit security vulnerabilities in the compromised device to gain access to the company's resources through the user's compromised device.